Disable default author website url sanitization in comments

  • Hello!

    I created my custom function to sanitize and validate a visitor comment data to insert it to database using the “wp_insert_comment” hook. Everything ok!

    But as long I really don’t care about the visitor website, I though about using that field to other useful information. So I decided to let the visitor specify their city/country name using that field. Also the website field is visible in comments moderation in admin area to quickly modify as I wish. That was very useful for me.

    Here the problem starts. I don’t know why but WordPress forces the author website url field to be a url! Yeah… I know that it should behave like that, but I suppose that the wp_insert_comment hook doesn’t make any kind of sanitization or validation (that’s the reason wp recomment wp_new_comment).

    Wordpres adds “https://” in the text, and all spaces became “%20”! That looks horrible in my case… I.E: “New York, USA” looks like “https://New%20York,%20USA”

    Is there some way to disable this only in author websites fields in comments?

    Regards!

Viewing 1 replies (of 1 total)
  • Moderator bcworkz

    (@bcworkz)

    Try this in functions.php:

    // do not url escape comment author's website
add_action('init', 'gtk_remove_url_filter');
function gtk_remove_url_filter() {
   remove_filter('pre_comment_author_url', 'esc_url_raw');
}
// partly fixes comments list table display
// results in bad links
add_filter('get_comment_author_url', 'gtk_strip_http');
function gtk_strip_http( $url ) {
   $url = preg_replace('|https?://|', '', $url );
   $url = str_replace('%20', ' ', $url );
   return $url;
}
// fix frontend comment author links
add_filter('get_comment_author_link', 'gtk_strip_anchor', 10, 3 );
function gtk_strip_anchor( $link, $author, $id ) {
   return $author;
}

    This is not a total fix. The Comments Admin Screen displays the data correctly, but it is still in the form of a link, a bad link which will not go anywhere, so don’t click on this link ?? The comment edit screen displays the https:// and %20 still, even though the data in the DB is correct. There is no good way to fix this. If you should click update without fixing this element, it will be saved in the DB as a link ??

Viewing 1 replies (of 1 total)
  • The topic ‘Disable default author website url sanitization in comments’ is closed to new replies.